IMA - Integrated Modular Avionics

Airborne Computer Systems

CMMI Guidelines

August 2006

PROCESS: WHAT IS IT?

CMMI: Capability Maturity Model Integration

PROCESS
Procedures and methods, defining the relationship of tasks
People with skills, training and motivation
Tools and equipment

III Semana de Engenharia Aeronáutica EESC USP - 2006

IMA - INTRODUCTION

1.1 Purpose

IMA system concepts are presented, including the platform and modules, and their relationships to the hosted applications and avionics functions used in an aircraft installation.

1.2 Scope

All parties involved in the development, integration, and V&V of IMA systems.
Focused on IMA-specific aspects of design assurance (and may use incremental acceptance).
The primary industry-accepted guidance for satisfying airworthiness requirements for IMA components.
The ability to obtain incremental acceptance of individual items of the IMA platform (including the core software) and hosted applications enables the reduction of follow-on certification efforts without compromising system safety.

1.3 Background

The evolution of software and microelectronics technology enables the introduction of new aircraft functions, new capabilities and increased levels of complexity. The need to perform these complex functions necessitates the use of high-performance computing platforms that can host multiple applications on a single processor or a distributed network of processors. IMA is a shared set of flexible, reusable, and interoperable hardware and software resources that, when integrated, form a platform that provides services, designed and verified to a defined set of safety and performance requirements, to host applications performing aircraft functions.

1.4 Relationship to Other Documents

In addition to the airworthiness regulations and requirements, various national and international standards for software, avionics, complex electronics, and safety are available. In some communities, compliance with these standards may be required.

1.5 References

The latest versions of the following documents apply:

[1] RTCA DO-160 / EUROCAE ED-14, Environmental Conditions and Test Procedures for Airborne Equipment
[2] RTCA DO-178 / EUROCAE ED-12, Software Considerations in Airborne Systems and Equipment Certification
[3] RTCA DO-200 / EUROCAE ED-76, Standards for Processing Aeronautical Data
[4] RTCA DO-201 / EUROCAE ED-77, Industry Requirements for Aeronautical Information
[5] RTCA DO-248 / EUROCAE ED-94, Final Annual Report for Clarification of DO-178B Software Considerations in Airborne Systems and Equipment Certification
[6] RTCA DO-254 / EUROCAE ED-80, Design Assurance Guidance for Airborne Electronic Hardware
[7] RTCA DO-255 / EUROCAE ED-96, Requirements Specification for Avionics Computer Resource (ACR
[8] SAE ARP4754 / EUROCAE ED-79, Certification Considerations for Highly Integrated or Complex Aircraft Systems
[9] SAE ARP4761, Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment
[10] FAA AC 20-148, Reusable Software Components
[11] FAA TSO-C153, Integrated Modular Avionics Hardware Elements
[12] FAA Order 8110.49, Software Approval Guidelines
[13] ARINC 615A, Software Data Loading
[14] ARINC 651, Design Guidance for Integrated Modular Avionics
[15] ARINC 653, Avionics Application Software Standard Interface
[16] ARINC 664, Aircraft Data Network

1.6 How to Use This Presentation

This presentation is intended to be used only internally. This presentation recognizes that the guidelines herein are not mandated by law, but represent some basic ideas of the aviation community. This presentation is just a topic-list introduction for the reader.

NOTE: When US Advisory Circulars are referenced, they are intended as material that may supply topics and areas for the applicant to consider. All requirements should be coordinated with the applicant's local certification authority.

IMA - OVERVIEW

2.1 IMA Design AND Certification Terminology

See doc: IMA Design AND Certification Terminology

2.1.1 IMA Design Terminology

Aircraft Function, Application, Component, Core Software, IMA System, Interchangeability, Interoperable, Intermixability, Module, Partitioning, Platform, Resource, Reusable

2.1.2 Certification Terminology

Certification, TSO Authorization, Acceptance, Approval, Incremental acceptance

2.2 Architectural Considerations

a. Availability considerations: functional performance; resource management; reliability and maintainability; health monitoring.
b. Integrity considerations: design assurance; IMA safety and protection features; fault detection and partitioning.
c. Safety considerations: safety assessment.
d. Health monitoring and fault management, fault reporting, and recovery actions.
e. Composability considerations: a new function will not invalidate a property once that property has been established; system properties follow from subsystem properties.

2.3 Key Characteristics

The key characteristics of IMA platforms and hosted applications influence the IMA system architecture, the detailed system design, and, ultimately, the IMA platform and system acceptance process.

2.3.1 Platforms and Hosted Applications

a. Key IMA platform characteristics: Platform resources are shared by multiple applications. An IMA platform provides robust partitioning of shared resources. An IMA platform only allows hosted applications to interact with the platform and other hosted applications through well-defined interfaces. Shared IMA platform resources are configurable.
b. Key application characteristics: An application may be designed independently of other applications and obtain incremental acceptance on the IMA platform independently of other applications. Applications can be integrated onto a platform without unintended interactions with other hosted applications. Applications may be reusable. Applications are independently modifiable.

2.3.2 Shared Resources

IMA systems may host several applications that share resources. Each shared resource has the potential to become a single point failure that can affect all applications using that resource.

CPU(s), memory, associated interfaces, I/O devices, data buses, shared memory, electrical power, processor cycles, bandwidth.

The IMA platform provides resource management capabilities for shared resources and health monitoring and fault management capabilities to support the protection of shared resources.

2.3.3 Robust Partitioning

Robust partitioning is a means for assuring the intended isolation and independence in all circumstances (including hardware failures, hardware and software design errors, or anomalous behavior) of aircraft functions and hosted applications using shared resources.

2.3.4 Application Programming Interface (API)

An API defines the standard interfaces between the platform and the hosted applications and provides the means to communicate between applications and to use I/O capabilities (ARINCs).

2.3.5 Health Monitoring and Fault Management

Health monitoring and fault management (HM/FM) functions deserve special attention due to the integration of multiple applications and resource sharing. Unlike federated systems, IMA systems manage platform faults, hardware failures, partitioning violations, and errors and anomalous behavior of hosted applications, including common mode faults and cascading failures. The IMA platform provides health monitoring and fault management capabilities for the platform and hosted applications.

The IMA system may provide health monitoring and fault management capabilities to support availability and integrity requirements.

2.4 Stakeholders

The assignment of roles and responsibilities is necessary, and should address the entire IMA system life cycle from conceptual design to retirement.

2.4.1 Certification Authority

The certification authority is the organization(s) granting approval on behalf of the state(s) responsible for aircraft or engine certification.

2.4.2 Certification Applicant

The applicant is responsible for the demonstration of compliance to the applicable aviation regulations, and is seeking a Type Certificate (TC), Amended TC (ATC), Supplemental Type Certificate (STC) or Amended STC (ASTC).

2.4.3 IMA System Integrator

The IMA system integrator performs the activities necessary to integrate the platform(s) and hosted applications to produce the IMA system.

2.4.4 Platform and Module Suppliers

The IMA platform and module suppliers provide the processing hardware and software resources, including the core software.

2.4.5 Application Supplier

The application supplier develops the hosted application and verifies it on the IMA platform. The application supplier should ensure that any hardware or software resources that are unique to the hosted application meet the integrity and availability requirements consistent with the assigned failure condition classification as determined by the aircraft system safety assessment.

2.4.6 Maintenance Organization

The maintenance organization follows the appropriate approved procedures received from the certification applicant to keep the IMA system and the aircraft in an airworthy condition.

IMA - GENERAL DEVELOPMENT CONSIDERATIONS

The development of an IMA system is based on an IMA platform containing hardware and software that are common and can be shared by the hosted applications.

[Figure: Example of a typical design highlighting potential shared resources. Panels: Typical Hardware Modules, Typical Software Modules. Labels: Back Plane, Power Supply, Common Hardware, CPU & Memory, Data Bus, Application Specific Hardware, I/O, Real Time Executive, Built-in Test, On-board Maintenance System, Protocol, I/O Processing, Common Software, Application Specific Software, Application.]

The objectives of the IMA development process are to ensure that:

a. Aircraft functions allocated to a specific IMA system are consistent with the design of the system.
b. Aircraft safety and security requirements allocated to a specific IMA system are identified and have been satisfied by the IMA design. This should include assignment of system development assurance, hardware design assurance and software levels. These levels are determined by the aircraft-level safety assessment to support aircraft functions implemented by hosted applications and supporting availability and integrity requirements, and any requirements for tool assessment and qualification.
c. Behavior of any hosted application is prevented from adversely affecting the behavior of any other application or function by the design of the IMA platform. The platform has robust partitioning, resource management and other protection means appropriate to the aircraft functions and hosted applications.
d. Health monitoring and fault management functions of the IMA are provided for the platform to meet specified requirements of the IMA platform.
e. Configuration management for the IMA platform, applications, integrator and certification applicant is established and maintained.
f. Resource management of shared resources is developed and verified, including addressing periodic and aperiodic modification intervals, to ensure that modifications do not adversely affect the behavior of aircraft functions using these resources.
g. Dispatch requirements allocated to the IMA platform are implemented and verified.
h. Human factors requirements pertaining to the IMA system are implemented and verified.
i. An IMA System Certification Plan is developed that satisfies the objectives of this document and describes how this plan relates to other aircraft certification activities and plans.

3.1 IMA System Development Process

The development process should address, as a minimum:

a. The IMA platform: definition of reusable, sharable modules and resources.
b. The hosted applications: definition of the interfaces and system contracts to allow a given hosted application to reside on the given platform.
c. The IMA system: integration of the specific set of hosted applications onto a given IMA platform(s).

3.1.1 Reusable IMA Platform Development Process

The IMA platform should be defined and developed independently of the specific aircraft functions and the hosted applications.

a. Define the IMA platform concept: The architecture definition. An approach for integrating hosted applications, both hardware and software, onto the IMA platform. An IMA platform acceptance approach. An IMA system certification approach that includes support for hosted applications and stakeholder roles and responsibilities for developing compliance data. A list of platform services to be provided to the hosted applications. The intended level of aircraft functions availability and integrity needed, platform capabilities to support it and methods provided for supporting it. The health management and fault management approaches. The platform and IMA system configuration management approaches.
b. Define the IMA platform requirements: Safety capabilities. Performance capabilities. Configuration management approach. Environmental conditions under which the platform modules are intended to operate. Fault management and reporting approach and requirements, including considerations for: fault tolerance, fault isolation to modules, detection and isolation of single failures. Detailed requirements for each aspect of the concept definition. IMA platform architecture which has been defined and evaluated to the required safety capabilities.
c. Develop and implement the IMA platform design. The software and hardware development processes should follow DO-178B and DO-254 at the appropriate level to meet the required safety requirements. Additionally, common cause analysis (CCA) should be performed and qualitative failure analysis for the various top level events defined for the platform should be developed.
d. Verify and validate the IMA platform, addressing the following activities: Perform environmental qualification testing to the specified environmental conditions. Perform a partitioning analysis and verification testing; verify other protection capabilities and safety features. Complete the CCA. Complete the numerical analysis showing that implementation meets the reliability requirements and capabilities. Address modules sharing an environment and resources together.
e. Obtain IMA platform acceptance using the module acceptance approach. All IMA platform requirements should be validated and verified. Traceability between the requirements, implementation, and verification activities should be developed and maintained.

3.1.2 Hosted Application Development Process

Development of hosted applications follows the same development processes as used in non-IMA systems, but should address the following additional considerations:

a. Identify IMA platform resources to be used (part of interface definition).
b. Quantify required IMA platform resources (part of interface definition).
c. Map hosted applications safety assessment to IMA platform safety assessment and capabilities (PSSA, FHA, CCA).
d. Define HM/FM requirements for the Hosted Application, define interactions with IMA platform HM/FM functions.
e. Identify dedicated resources peripheral to the IMA platform.
f. Specify environmental qualification level for dedicated resources.
g. Human factors requirements should be assessed against IMA platform performance.

3.1.3 IMA System Development Process

a. Identify aircraft functions, including functional requirements, performance requirements, safety requirements, availability requirements, and integrity requirements. Allocate IMA platform resources to the aircraft functions considering the aircraft-level FHA, resource requirements (interface specifications), safety capabilities of the IMA platform and MMEL considerations. Determine what hosted applications or aircraft functions need isolation and/or protection from other hosted applications and functions and other protection mechanisms or safety features needed.
b. Develop the IMA system architecture, addressing the following aspects: Develop IMA System Certification Plan based on aircraft requirements, hosted applications and the IMA system certification approach. Determine the quantity, quality and type of IMA platform modules and resources needed to provide the capability to meet all application requirements, including functional, performance, safety, availability, integrity, and redundancy requirements. Determine any aircraft function requirements driven by the capabilities of the IMA platform modules. Perform a Preliminary System Safety Assessment (PSSA) for each hosted application using the IMA platform's safety requirements. Evaluate the aircraft effects from the combination of platform, hosted applications and shared resource failures. Identify changes required to the allocation of IMA platform resources to correct any issues identified from the individual and combined PSSA activities.
c. Implementation of the IMA system, including the following activities: Develop the applications and perform partial verification. Integrate applications onto the platform, complete platform core software verification, complete applications verification, and perform IMA system V&V activities, including application/platform integration testing (software, integration testing, hardware/software integration testing). Develop initial IMA system failure analysis using IMA platform top level events as basic events for the hosted applications' failure analyses. Evaluate the combination of IMA platform component failures affecting hosted applications which could lead to aircraft level effects, and adjust the allocation and/or applications implementation as necessary. (IMA platform component failures should have a unique top level event.) Perform aircraft ground and flight testing to validate assumptions in the SSA, requirements and environmental definitions.
d. Integrate, validate, verify, and obtain acceptance of the IMA system (off aircraft). Specific configuration of applications in the IMA system should be shown to meet their requirements (including performance, redundancy management, and IMA platform interface requirements). Numerical analyses for each hosted application should be developed to show it complies with its FHA. Additionally, the hosted application numerical analyses should be combined into an IMA system hardware numerical analysis that shows that the combined events satisfy the aircraft level safety and reliability requirements.
e. Integrate, validate, verify, and obtain acceptance of the IMA system installed on the aircraft.

3.2 IMA System Resource Allocation Activities

The aircraft functional and performance requirements influence the allocation of IMA hosted functions and the meeting of the safety, integrity and reliability requirements.

a. provisions for computing resource availability
b. application-specific I/O resources
c. network bandwidth

3.3 Aircraft Safety and Security

Safety requirements should be addressed in the IMA system requirements. These requirements drive the system configuration and the allocation of functions and hosted applications to IMA resources, and establish the independence, availability and integrity requirements for those hosted applications contributing to the aircraft functions.

3.4 Design Assurance and Tool Assurance

The IMA system and components should be designed and developed to the highest assurance levels needed to support the safety, integrity and availability requirements of the aircraft functions and hosted applications intended for the IMA system as determined by the IMA system safety assessment.

3.5 Partitioning and Resource Management Activities

Partitioning is a technique for providing isolation between functionally independent software components to contain and/or isolate faults and potentially reduce the effort of the software verification process. Robust partitioning should address the following information provided in DO-248/ED-94 (Ref. [5], Section 4.1.4.5):

a. A software partition should not be allowed to contaminate the code, I/O, or data storage areas of another partition.
b. A software partition should be allowed to consume shared processor resources only during its period of execution.
c. A software partition should be allowed to consume shared I/O resources only during its period of execution.
d. Failures of hardware unique to a software partition should not cause adverse effects on other software partitions.
e. Software providing partitioning should have the same or higher software level than the highest level of the partitioned software applications.
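Rules a, b and e of section 3.5 can be checked statically against the platform configuration tables (partition definition, I/O mapping) before integration; rules c and d need run-time and hardware evidence. The Python check below is an added example, not part of the original presentation or of any IMA platform's tooling; the table layout, field names, partition names, addresses and port names are all constructed assumptions.

```python
# Added example: static partitioning check over constructed IMA configuration tables.
# Table layout, field names and every sample value are assumptions for illustration.
from dataclasses import dataclass, field
from itertools import combinations

# DO-178B software levels: A is the highest, E the lowest.
LEVEL_RANK = {"A": 4, "B": 3, "C": 2, "D": 1, "E": 0}


@dataclass
class Partition:
    name: str
    level: str        # software level of the hosted application
    memory: list      # [(start, size, access)], access is "r" or "rw"
    windows: list     # [(offset_ms, duration_ms)] inside the major frame
    io_write: set = field(default_factory=set)  # output ports the partition drives


def _overlap(a_start, a_len, b_start, b_len):
    """True when the half-open ranges [start, start + len) intersect."""
    return a_start < b_start + b_len and b_start < a_start + a_len


def analyze(partitions, core_level, major_frame_ms):
    """Return (rule, subject, detail) findings; an empty list means no path found."""
    findings = []
    for p in partitions:
        # Rule b: each execution window must lie inside the major frame.
        for off, dur in p.windows:
            if off < 0 or dur <= 0 or off + dur > major_frame_ms:
                findings.append(("b", p.name, f"window {off}+{dur} ms leaves the frame"))
        # Rule e: partitioning software must be at least as high as every application.
        if LEVEL_RANK[core_level] < LEVEL_RANK[p.level]:
            findings.append(("e", p.name, f"core level {core_level} below level {p.level}"))
    for p, q in combinations(partitions, 2):
        pair = f"{p.name}/{q.name}"
        # Rule a, memory: overlapping regions are a path if either side can write.
        for s1, n1, m1 in p.memory:
            for s2, n2, m2 in q.memory:
                if _overlap(s1, n1, s2, n2) and "w" in m1 + m2:
                    findings.append(("a", pair, f"writable overlap at 0x{max(s1, s2):08X}"))
        # Rule a, I/O: one output port driven by two partitions.
        for port in sorted(p.io_write & q.io_write):
            findings.append(("a", pair, f"output port {port} driven by both"))
        # Rule b: two partitions scheduled at the same time.
        for o1, d1 in p.windows:
            for o2, d2 in q.windows:
                if _overlap(o1, d1, o2, d2):
                    findings.append(("b", pair, f"windows overlap at {max(o1, o2)} ms"))
    return findings


def weak_config():
    """Constructed tables with deliberate partitioning defects."""
    parts = [
        Partition("FLIGHT_CTRL", "A", [(0x80000000, 0x100000, "rw")], [(0, 20)], {"ACT_BUS_1"}),
        Partition("DISPLAY", "C", [(0x80100000, 0x80000, "rw"), (0x90000000, 0x1000, "r")],
                  [(20, 15)], {"DISP_OUT"}),
        Partition("MAINT", "E", [(0x80170000, 0x20000, "rw"), (0x90000000, 0x1000, "r")],
                  [(30, 25)], {"ACT_BUS_1"}),
    ]
    return parts, "B", 50  # core software level B, 50 ms major frame


def fixed_config():
    """Same system with regions, windows, ports and core level corrected."""
    parts = [
        Partition("FLIGHT_CTRL", "A", [(0x80000000, 0x100000, "rw")], [(0, 20)], {"ACT_BUS_1"}),
        Partition("DISPLAY", "C", [(0x80100000, 0x80000, "rw"), (0x90000000, 0x1000, "r")],
                  [(20, 15)], {"DISP_OUT"}),
        Partition("MAINT", "E", [(0x80180000, 0x20000, "rw"), (0x90000000, 0x1000, "r")],
                  [(35, 15)], {"MAINT_OUT"}),
    ]
    return parts, "A", 50


if __name__ == "__main__":
    for rule, subject, detail in analyze(*weak_config()):
        print(f"rule {rule}: {subject}: {detail}")
```

The read-only region shared by DISPLAY and MAINT is not reported, because neither side can write to it; a region that is writable by either partition is.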

3.5.1 Design for Robust Partitioning

The design for partitioning in an IMA platform is an iterative process. Robust partitioning services should provide the protection of the dedicated and shared resources. Failure of these partition services may lead to the generation of unintended failure propagation paths.

3.5.2 Partitioning Analysis

A partitioning analysis to demonstrate that no application or sub-function in a partition could affect the behavior of a sub-function or application in any other partition in an adverse manner. All propagation paths between partitions should be identified.

3.6 Health Monitoring and Fault Management
3.6.1 Components and aspects to be monitored
3.6.2 Health determination of each application
3.6.3 Health determination of the IMA system as a whole
3.6.4 Response to each type of failure
3.6.5 Flight Crew Annunciation and Messaging
3.6.6 Control of Maintenance Actions and Reporting
3.6.7 Redundancy Management
3.6.8 Single Event Upset (SEU) Faults

3.7 IMA System Configuration Management
3.7.1 Configuration Data
3.8 Guidance on Use of Shared Databases
3.9 Master Minimum Equipment List (MMEL)
3.9.1 Design Considerations for MMEL
3.9.2 Approval Considerations for an MMEL
3.10 Human Factors Considerations

IMA - CERTIFICATION TASKS

4.1 Overview of the Certification Process
4.2 Task 1 - Module Acceptance
4.2.1 Module Acceptance Objectives
4.2.2 Module Acceptance Data
4.2.3 Module Acceptance Plan (MAP)
4.2.4 Module Requirements Specification (MRS)
4.2.5 Module Validation and Verification (V&V) Data

4.2.6 Module Quality Assurance (QA) Records
4.2.7 Module Configuration Index (MCI)
4.2.8 Module Acceptance Configuration Management (CM) Records
4.2.9 Module Acceptance Accomplishment Summary (MAAS)
4.2.10 Module Acceptance Data Sheet (MADS)
4.2.11 Module Problem Reports
4.2.12 Additional Module Acceptance Life Cycle Data

4.3 Task 2 - Application Acceptance
4.3.1 Application Acceptance Objectives
4.3.2 Application Acceptance Data
4.4 Task 3 - IMA System Acceptance
4.4.1 IMA System Acceptance Objectives
4.4.2 IMA System Acceptance Data
4.4.3 IMA System Certification Plan (IMASCP)
4.4.4 IMA System Validation and Verification Plan (IMASVVP)
4.4.5 IMA System Configuration Index (IMASCI)
4.4.6 System-level IMA Accomplishment Summary (IMAAS)
4.4.7 Other IMA System Life Cycle Data

4.5 Task 4 - Aircraft Integration of IMA System (Including V&V)
4.5.1 Aircraft Integration Objectives
4.5.2 Aircraft-level IMA System Compliance Data
4.5.3 Aircraft-level IMA System Certification Plan (IMASCP)
4.5.4 Aircraft-level Validation & Verification Plan
4.5.5 Aircraft-level IMA System Configuration Index (IMASCI)
4.5.6 Aircraft-level IMA Accomplishment Summary (IMAAS)
4.5.7 Other Aircraft-level Data

4.6 Task 5 - Change of Modules or Applications
4.6.1 Changes to IMA System Modules, Resources and Applications
4.6.2 Change Objectives
4.6.3 Change Management Process
4.6.4 Change Impact Analysis (CIA)
4.6.5 Change Data

4.7 Task 6 - Reuse of Modules or Applications
4.7.1 Objectives of the Reuse Process
4.7.2 Reuse of a Software Module or Application
4.7.3 Reuse of a Complex Electronic Hardware Module or Application
4.7.4 Reuse of Environmental Qualification Test Data
4.7.5 Reuse of a Module that Contains Software and Hardware
4.7.6 Reuse Compliance Data

IMA - INTEGRAL PROCESSES

5.1 Safety Assessment
5.1.1 Responsibilities of the Certification Applicant
5.1.2 Responsibilities of the IMA System Integrator
5.1.3 Responsibilities of the IMA Platform Developer
5.1.4 Responsibilities of the Application Developer
5.1.5 Safety Assessment Activities
5.2 System Development Assurance
5.2.1 Software Guidance
5.2.2 Electronic Hardware Guidance
5.2.3 Integration Tool Qualification
5.2.4 Shared Design Assurance
5.2.5 IMA System Configuration Management
5.2.6 Environmental Qualification Testing
5.3 Validation
5.4 Verification
5.5 Configuration Management (CM)
5.5.1 IMA System Configuration Management Plan
5.5.2 Configuration Control
5.6 Quality Assurance
5.7 Certification Liaison
5.7.1 Certification Liaison Process
5.7.2 Means of Compliance and Planning Data
5.7.3 Development Life Cycle Data
5.7.4 Compliance Substantiation
5.7.5 Life Cycle Data Submittals
5.7.6 Certification Liaison Process When Changes Are Made
5.7.7 Certification Liaison Process For Reuse of Modules

IMA - CONSIDERATIONS FOR CONTINUED AIRWORTHINESS OF IMA SYSTEMS

6.1 Training
6.2 Maintenance
6.3 Post Certification Modifications

IMA EXAMPLE 1: Single LRU Platform

Typical design of a single LRU platform containing:

a. Hardware: CPU, MMU, network interface and I/O
b. Software: Core software and partitioned application software
c. Configuration tables: partition definition, network port allocation, I/O mapping

Key characteristics of IMA found in this system:

a. A stand-alone platform or as a module for use within a larger IMA system.
b. The core software manages multiple software partitions, and provides robust partitioning between applications.
c. Robust partitioning of the network interface.
d. The LRU is adapted to ensure the CPU time, memory and I/O requirements of each software application.
e. Another key characteristic is a high level of internal fault/failure detection.

[Figure: Configured single LRU platform. Labels: Config. Tables, Partition (repeated), API, Core Software, Memory, Specific HW, CPUs & MMU, Power Supply, Network, I/O (repeated).]

IMA EXAMPLE 2 - distributed IMA platform

Definition of platform and modules

The platform in this example consists of three standard hardware boards, each designed to provide a defined set of functions when assembled in accordance with the modular system architecture:

a. the General Processing Module (GPM)
b. the Power Supply Module (PSM)
c. the I/O Module (IOM)

In this example, all boards share a common structure, containing:

a. a Processor Module (potentially partitioned as described in the first Example)
b. a Communications Module (robust partitioning of communication resource)
c. a functional block (application-specific to each of the hardware boards)

The platform also uses core software components, which provide a uniform API to applications:

a. a real-time operating system module
b. a fault management component, and
c. a health-monitoring component

[Figure: Distributed modular platform. Labels: General Processing Modules, Input/Output Modules, Power Supply Modules, Communication Module (on each board), Partitioned Network Resource.]

Key characteristics of IMA found in this system:

a. Sharing of resources, Robust Partitioning
b. Hosting of multiple applications, Re-qualification impact, Composability
c. API between platform and applications
d. Platform configuration data
e. Fault Management, Health monitoring

IMA Example 3 - Identifying bounds of a distributed complex IMA system

[Figure: Distributed complex modular avionics system. Labels: Distributed Complex MA System, Other Complex MA System, Distributed MA Subsystem, Resource Center, CPM, IOM, Switch, RIU, Sensor, Effector, Federated LRU, Hosted Applications. Solid line connections indicate data transfer network.]

Typical design of a single LRU platform containing:

a. Computing resources
b. Data transfer network
c. Remote I/O Units

Key characteristics of IMA found in this system:

a. Fault Management, Health monitoring.